b195889d74845df8038cfe47e7533e8c_JaffaCakes118

General

Target

b195889d74845df8038cfe47e7533e8c_JaffaCakes118
Size

113KB
MD5

b195889d74845df8038cfe47e7533e8c
SHA1

b72f44aac0229d8e0171be100d4303e5b56e4275
SHA256

c7bc8754634848395f946e754bc45b605e2843176a47547e33f9b9a88d524f38
SHA512

ba30c2d7b5f25aed7506198dcecdbf0e3b78183a20dc62a16b46e7c85ac30b068403782a2575366d3c95aded758c72849ee33d7b8e440d1d2fe5b6ad66ff7179
SSDEEP

1536:m7WTSlrd9nBkEfIPvSXg8opQj2424QsrunRC8Xof3gK8boyUYNCg:m7pdUqInSwHQ6lTVFC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b195889d74845df8038cfe47e7533e8c_JaffaCakes118

Files

b195889d74845df8038cfe47e7533e8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43863d52b2b47702b73471ee5ca4f462

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetDesktopWindow
GetParent
CharNextA
GetSystemMetrics

gdi32

CreateCompatibleDC
CreatePen
SetTextColor
RectVisible
CreateSolidBrush
GetClipBox
SetTextAlign
GetObjectA
CreateFontIndirectA
DeleteDC
RestoreDC
SetMapMode
LineTo
SetPixel
GetDeviceCaps
SaveDC
SelectPalette
GetPixel
CreatePalette
PatBlt
DeleteObject
GetStockObject
SetStretchBltMode
SelectObject
GetTextMetricsA

kernel32

GetUserDefaultLangID
GetModuleHandleA
GetCurrentProcess
GetWindowsDirectoryA
GetTickCount
DeleteFileW
GetThreadLocale
lstrcmpA
GetModuleHandleW
GetCurrentProcessId
GetProcessHeap
GetCurrentThreadId
GlobalFindAtomW
GetCommandLineA
GetConsoleOutputCP
lstrlenA
SetCurrentDirectoryA
lstrcmpiA
GetVersion
RemoveDirectoryW
lstrlenW
QueryPerformanceCounter
lstrcmpiW
GetACP
DeleteFileA
GetDriveTypeA
IsDebuggerPresent
RemoveDirectoryA
CopyFileA
GlobalFindAtomA
MulDiv
GetCurrentThread
VirtualAlloc
GetCommandLineW
VirtualFree
GetOEMCP

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43863d52b2b47702b73471ee5ca4f462

Headers

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 11KB - Virtual size: 11KB